1ad9938e611931ccdd8717f61d1c4850_JaffaCakes118 | Triage

Sharing

General

Target

1ad9938e611931ccdd8717f61d1c4850_JaffaCakes118
Size

124KB
MD5

1ad9938e611931ccdd8717f61d1c4850
SHA1

2b3d2d11fa9d4e24f80bb7154a5d107734795592
SHA256

e4a84cf6725ac0a3f58496f86445c6b051d44a8be73989ff80383eee5c35f398
SHA512

688c6bb572bfd1eb3c5a97213a81f1b6719ff89531612bb13d11564c8d4f611341cdbb4ef1f4c77e2d82ab092723427f360669b1299fae13462c2bd099236129
SSDEEP

1536:5CC54MLohMBkP8R3w+z0q7uIMeH0jM12/XXBThQs/RxeZg9fV2mdTh8:w5MLohwJPPBMTM12/5L/beZws

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ad9938e611931ccdd8717f61d1c4850_JaffaCakes118

Files

1ad9938e611931ccdd8717f61d1c4850_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f172c5b8104810f74eb659876ab5896

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LockResource
LoadResource
SizeofResource
FindResourceA
OpenMutexA
LoadLibraryA
WriteFile
CloseHandle
CreateMutexA
GetModuleFileNameA
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetLastError
SetFilePointer
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE